I want to increase performance of my nginx using OCSP Stapling here:
=> https://www.nginx.com/blog/10-tips-for-10x-application-performance/#Tip-5 %E2%80%93-Optimize-SSL/TLS
But In order to tun on OCSP Setting I need this in my nginx.conf:
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/nginx/cert/trustchain.crt;
resolver 8.8.8.8 8.8.4.4 valid=300s;
My current certificate settings looks like this now:
ssl_certificate %ssl_pem%;
ssl_certificate_key %ssl_key%;
My question is how to setup “ssl_trusted_certificate” which needed to enable ssl_stapling?
For information:
On backend: I use self signed certificate
On Frontend: I use Cloudflare SSL (Full mode)